'serial Number:09/081,872 t»viessing] GAU 2767 Amendment G 2 



Selection 7. p. 1 - The following amendment is to reinsert dropped matter which had been 
included without objection since Amendment C. 

Bacl^round Field of Inyention 

^This invention relates to creating and verifying between computers and on computer networks 
electronic signatures for electronic data, including electronic documents, filings and transaction 
records. 

Selection 2, p. 3. The third sentence was deleted in accordance with the objection of the 
Examiner. 

Private keys ai^e susceptible to theft from the computers or devices where they are stored, 
and wiieii stolen, can be used to connnit fraud with \drtually no detection until the 
certificate of the user is revoked by the certifiGation authority with respect to that 
paiticular corresponding public and private key pair . Private keys can also be 
compromised by sharing the passwords used to access them. It is often inconvcniont to 
install the kcvG and cortificatco on individual desktop or laptop machines, or to replace 
them in the event of suGpocted compromise or upon the certificate's repudiation. 

Selection 3. p. 4. The first two changes had been amended since Amendment C, but had been 
inadvertently omitted in the Second Substitute Specification; the third, which is a deletion, was 
matter objected to by the examiner; the last addition in the group was a phrase that had been 
amended without objection since Amendment B, but was inadvertently omitted from the Second 
Substitute Specification. 
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Objects and Adyantages 

Accordingly, several objects and adya^^^ are to provide a new type of 

eiectreniG sisnature-that.does not depend upon die extehsiy e certification authority infrastructure 
of digital signatures pn miiltiple client inacliines based on asymmetric encryption or tlie 
hardware and software investment of dynamic signatures: fiirther that it uses mfy a signature key 
e f-at a ser\*er computer rattier than many signature keys of many client computers, further tiiat 
it can automatically incpipprate authe^ generate and 

affix a date and time parameter teiken from the server's clock as fiirtiier evidence of identity 
auttientication at the time^ of tlie flirttier ttiat it p from 

vnln^nhilitio n through repeated u s e: signature and verificatiQn: fiirttier ttiat it eliminates tlie need 
for development of a discipline that does not yet exist; namely, ttie forensic science of electronic 
handvrating arialy sis ; and ttiat fiorth use by ineotporation of many types of 

Selection 4, p. 5. These changes had been made without objection, since Amendment C and 
were inadvertently omitted from the most previous version. 

Summary 

In accordance with ttie present invention, an electronic signature program is described for the 
creation, monitoring, and verification of an electronic signature generated by tiie interaction 
behveen tvs'o computers, one a client and flie other a server, for the signing of electronic data, 
such as documents, filings or transaction records without ttie need for an expensive and massive 
iiifr^tmcture of certi^ and ttie compiexities of installing and using digital 

certificates, \ \ ithout generating conflicts between applicable legal regimes in an int e rnational or 
miilti jurisdictional ^;^fting ^^-^^ r^mil . -^tinTi nf th o n xpnrt of encnption software- including cross- 
certifications , and/or without requiring hardware tablets and associated computer software. This 
system fiirttier is able to incorporate ottier existing teclinologies of prior art designed to 
auttienticate users to a server computer and ones not yet available or existing. 
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Selection 5, p. 7. Though not new matter, the amendment provides permissible clarification in 
accordance with the Examiner's comments and guidance in 2000, as discussed more 
particularly in the Remarks section. 

Creation of tiie signature is depicted in figure 3. In the preferred embodiment, the server has 

captured ftie unique network element parameter of a si^er, and where available, a credit caid 

authorization number from a card processor. V^Tiere authentication on the basis of stored identity 

criteria, such as a digital certificate, usemame and password, or biometrics is involved, 

alphanmneric elements, appropriate symbols or abbreviations can be used to represent tliese. 

Otheriiser identifier elements are known to tiiose skilled in the art and may include a legacy 

application that has developed a user identifier system: Infonnafion from tlae user elements (no. 

18) are combined with Ihe date-time parahieters of tlie server's system clock (no. 19) to create a 

signature transaction record , optionaily with a Globally Unique Identifier (GUID) derived from 

the blend of tlie components through message digesting, (no. 2Q)Because time continuously 

progresses, each signature transaction that occurs sequentially at the signature ser\-'er may be 

uniquely identifiable through die date and time of its creation. A miique network location. 
expressed as an IP address adds another element^ of uniqueness where two signature transaction 

records are created so closely iii titne as to have identical dates and time of creation. Since it is 

almost impossible for tiiem to have originated simultaneously from the same netAvork location, a 

unique network element parameter enables distinguishing between tliem. Adding identification 

of tlie user to the sigiiiatiire transaction, as tlirougti a usemame or a credit card authentication. 

binds the unique signature:S Q ^transactiQn.recQrd to the user's identity. This combination also 

permits the serv^er's date arid tirne of record creMon t o be ^te signatiure. 

A hash of tlie concatenated field vakies of flie unique signature transaction record can serve as a 

GUID, because each hash of aimique set of values is itself unique. Such a GUID simply can be 

added as another field of its corresponding signature transaction record as a convenient 

shortliand luiique identifier that can be used to locate, refer to, or identify it. 
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Selection 6, p. 7. The sentence beginning "Encapsulation consists of ..." was objected to by the 
examiner and was deleted. The text immediately following that deleted sentence had been 
inadvertently omitted from the Second Substitute Specification and had been in the specification 
without objection since Amendment C. The other changes are for clarity only 

Figure 4 demonstrates how tlie GUID is used to encapsulate how the digital sigiiatiire of the 
server computer digitally waps tiie data . An active X (com) object or otlier applications 
programming interface (API)(no. 23) at the Intemet ser\^er coniniunicates with the signature 
program of the Internet server to hash and sign the; information (no. 22) to be contained under the 
signature (no. 21) with the sen-ef s private key. Encapciilation consists of s^TOinetrically 
encQ^pting a detached digital signature's \^ilue, iising the GUID or component of it as tlie 
passw'ord or seed fno. 241 21). including the uniQue signature transaction record fields, which 
may be represented by the GUID. with a private key located at the ser\-er. Once the signature is 
thus digitally wrapped, it generated . it also constitutes signature transaction tneta-data that is 
stored at the serv'er and can be includedin an automatically generated email message (no. 2^ 
It 25> which is sent to the user at the em^ address diat the user self-reported to the Intemet 
server initially. 

Selection 7, bottom p. 7, top p.8. This section deletes material objected to by the Examiner. 

To verifi^ a signed docmnent, it is resubmitted to the sender, where the s^TOinetrically encrypted 
version of the digital signature js decr>^ted by recreating tlie synimetric key from tlie signature 
transactioirr^^^^^^^ it- g^^^d then nonnal verification on the basis of the 

ser\^er's public key is im^oked. 

Selection 8, p. 8, The following portion is simply being moved without modification to the last 
page of the Second Substitute Specification for clarity and so it is shown as a deletion here and 
later as an addition to the Specification. 
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The encr)pted digital signaUire etfe^ that tiie infpnm^^^ as tlie basis for the 

s>TOnetric key, including signature transaction record particulars, date and time values, and 
electronic signaaire cannot be altered after ttie fact witliout such change being detectable througli 
software upon verificatioiiv 

Selection 9, p. 8. The deleted material in the next section was objected to by the Examiner and 
the earlier version has been reinstated with the minor additional phraseology for clarity. 

The preferred embodiment also enables signer - supplied fomi submission data to be itlseited into 
appropriate locations in a transaction teinplate to be signed as part of a completed 
dociunent ^ digitallv signed wrapper also pemiits signer-supplied submission infonnation to be 
inserted into a document to be hicliKfed imder tlie server signature which is stored at the server as 
part of a transaction template, and wMch rtiay include standard teniis applicable to the class of 
transactions. This enables standardized contracts and clauses to be included inlegally binding 
contracts. The template may simply be a blank (stmcture only) document, to be filled in 
completely by the user, or it also may include -'boilerplate' Vmeaning standardized language tliat 
is intended to remain in tlie document. Boilerplate is commonly associated with legal, financial, 
real estate and mortgage phrases and provisions diat are intended as inalterable in the document 
finalization and signature process. For example, it can include standard temis tor purchase 
orders. For eKaiiiple, it can include notices and avennents to governmental regulatory bodies. For 
example, it can include electronic credit card charge slips. By putting the boilerplate tenns and 
conditions at tiie server and incorporating them as a template for signer data to complete and to 
beincMedmderthe:signature.^^ at^^G signer, unaulhorized pre-signature 

modifications are preverited. For exampfle^;^ an extreme exairiRle, ithe teinplate located on the 
ser\^er consists completely or alrnost entirely of boUerpl^^ language tliat the signer is expected to 
accept and sign or reject without adding, modifying or inserting any infonnation specific to the 
signer or transaction. For example, the transaction template may be used to generate an envelope 
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for the traiBmission and routing of one or more dociunents or files that are embedded into the 
envelope. Any of the doctiments and files with a potetitial to he eiiibedded in or attached to an 
envelope can also be signed using tMs itweiiti^ 
inventi®nv In feaeh^ <^s%^heM^m!plM^is^ 

under ttie signature affixed on behalf of the signer along with the previously described unique 
signature transaction infonnation, wMch mav be represented in shorthand: fashion by its 
corresponding GUID: 

Selection 9, bottom p. 8, top p. 9. The deleted material below was objected to by the Examiner 
and added material has been reinstated from the earlier version for clarity. 

Retum of signature transaction this information to the individual who signed tlie infonnation m 
an email message serves as a receipt and proof from flie ser\^er of a valid s ignature transaction. 
Such a proof of transaction can be^>TOmetrically signed by the ser\-er, providing inalterable 
proof y . nccertr , fiil signature verification as of a is a Teceipt ttiat is proof of the transaction, tlie 
' electronic signature, and tlie transaction content. 
particular time. If the email address is non-existent, intennediate mail server computers usually 
alert the ser\-^er via a failed email message ttiat tlie message was undeliverable. Such a message 
also ser\-^e$ to warn tlie server computer that a fraudulent transaction mav be in progress. 

Selection 10, p. 10-11. The first two minor changes were added without objection by 
Amendment C. The Examiner objected in the OA to the last several sentences of the section 
which have been deleted. 
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Conclusions, Ramifications, and Scope 

Accordingly, it can be seen that tiie above system allows client computer users to sign electronic 
docmiieiits, filliigs and transaction records subnfitted tb a ser^^er computer as thougli with pen 
and ink on paper, vvdthout any additional hardware or software; apart from an Internet web 
browser. Hie signature program reduces tlie need for a massive infrastructure investment of 
certification authorities by relying solely upon a -digital certificate at - the server 
computer, without any similar requirement that the signing party obtain a separate digital 
certificate, unless optionally required for receipt sighing purposes. The meliiod is able to make 
use of other current and fiiture technologies for computer user authentication systems, and is 
suited for the Internet and other computer networks. The use of a second enci>ption layer has a 
frirther advantage of protecting ttie private key. Without the symmetric digital wrapper that 
j changed with each signer transaction, an attackermight be networks. 

I able to deduce the private key attributes from an examination of a myriad of signatures and hash 
values. The s>nunetrically encrypted signature value also can sen^e to protect tlie underlying 
as>inmetric signature at a fiiture time when a factoring attack on asymmetric signatures by 
significantly more powerful computers may become computationally feasible. The s>inmetric 
encryption of tlie retumed asymmetric signature value serv^es to shield the asynunetric private 
key from a factoring attack as tlie symmetric enciphering wrapper cloaks tlie as>aiimetric 
signature value, hiding it from tlie attacker. 

Selection 11, p. 1 1-12. In the next section, the deleted material was objected to by the 
Examiner; the added material is being reinstated from a prior version. The next to the last 
sentence is reinstated because it was accidentally omitted in the most previous version and was 
added without objection to Amendments C and D respectively. The very last sentence was 
simply moved from another page (p.7) to this one for clarity of expression. 
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Although the description above contains much specificity, this should not be construed as 
limiting the scope of tlie invention but as merely providing illustrations of some of tlie presently 
preferred embodiments of this invention. Various other embodiments and ramifications are 
possible mthm its scppe. Eor example, other luiique system infonnation of tlie sender can be 
used in addition to die system clock to generate a unique record and its GUID. which may also 
be encrypted. 

Modification within the spirit of the invention will also be apparent to those skilled in the art.Fer 
example, other unique system infonnation of tlie server can be used in addition to tlie system 
clock to genorato a signature transaction record, all or parts of wiiich may also be encr>pted. For 
example, copies of a single asymmetric key may be distribiitcdamong sc^xral different ser\-ers, 
or a single scr/er may have a number of different asymmetric keys for use by each of \^arious 
aoGigned iiidM^ For example, signers maybe authonticatcdby taisted 

third part)^ assertions. For example, a message digest generated during signature may be 
cncr>^pted onl)nsing a s>Tiimetric key, rather than an asymnetric key, bypassing a second 
oricryfptidn st o p. Altemativcly, the syamtlotric chcQption of tlie message digest ma>' precede the 
aGyanmetric encryption, allowing the asjanmetric encryption to act as a digital swapper for the 
oyaimietric encryption. For example, electronic processes may sigri as client users on behalf of 
individuals or entities. For example, enveloped or c m-eloping digital signatures may be generated 
using tliis invention in addition to detached digital signatures. 

in another embodiment, the GUIDmavbe used as tlie password or seed for a symmetric 
encryption cipher known to one skilled in the art such as RC4 to generate aunioue encryption 
key. Application of this key to tlie document to be signed symmetrically enc rypts the docmnent. 
Tliis encrypted version of tlie document is unique and constitutes the signatu re of tlie docmnent. 
To verify the docmnent. either the encrypted version is decrypted using the unique key, or Hie 
I presented version for verification is re-encrvpted using tiie miique key. If t lie presented document 
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is genuine, the two end products will be identical. As the GUID contains also infomiation about 
the identity of the signer, an electronic signature is created. As an intennediate step in the 
signature process, the document may optionally be hashed or digested prior to encnnotion with 
the.sMm3ijStricjupher.^M 

embodiment, in that in Qie latter, a message digesting fiinction or asyinnietric key pair is used for 
the signature and verification fiinctionsfr.11. ^^hile in the former, in a second stage, symmetric 
encryption can be used to encrypt tlie intermediate digest or private key signature arrived at 
using tlie preferred embodiment. The encrypted digital signature ensures that the intbmiation 
inckided as the basis for tlie symmetric key, inchiding signature transaction record particulars, 
date and time values, and electronic signature cannot be altered after tlie fact witliout such 
I change being detectable tlirough sQtl;ware upon, verification. 

Please see the Remarks section for further analysis and discussion. 
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